[s4] Passwords work

[Andrew Bartlett]

On Sun, 2010-02-21 at 23:04 +0100, Matthias Dieter Wallnöfer wrote:
> In my personal repo under the "passwords" branch I finally completed the 
> work regarding the LDAP password handling for s4.
> I spoke already once to abartlet and he gave me some suggestions which I 
> implemented (eg the additional controls - one for returning password 
> policy information, one for allowing password changes/sets only through 
> hashes - which bypasses some checks). In addition I have finished a 
> python test suite (passwords.py) which shows the password handling 
> capabilities directly over LDAP (indirectly we have it already through 
> the SAMR password tests).
> 
> I tried to match the LDAP result codes of Windows as much as possible. I 
> was stuck to run the my test script against Windows since it requires a 
> LDAPS over SSL connection and I didn't know how to get this working on 
> s4 as a client. So I generated analogous test requests with an LDAP 
> client on the server (where I managed to prepare and install the 
> certificate) and compared the results.

I've pushed changes that allow the NTLM encryption of LDAP connections
to windows to finally work. 

If you could proceed with the modifications to your python script to use
encryption (that I posted earlier), and verify that your tests pass
against Windows, then we can proceed to a final review and merge of your
code!

I'm sorry this took so long,

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100324/cd7ddc00/attachment.pgp>